package org.prs.web.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.validator.GenericValidator;
import org.prs.model.User;
import org.prs.persistence.UserDatabasePersitenceManager;
import org.prs.service.PasswordService;

public class LoginLogoutServlet extends HttpServlet {

    private User loggingUser = new User();
    private UserDatabasePersitenceManager persistUser = new UserDatabasePersitenceManager();

    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {
            HttpSession session = request.getSession(true);
            String action = request.getParameter("action");

            if (action.equals("login")) {
                loggingUser = new User();
                loggingUser.setPassword(request.getParameter("password"));
                loggingUser.setUsername(request.getParameter("username"));
                if (GenericValidator.isBlankOrNull(loggingUser.getUsername()) || GenericValidator.isBlankOrNull(loggingUser.getPassword())) {
                    session.setAttribute("loginmsg", "Username or Password cannot be null");
                    response.sendRedirect("index.jsp");
                    return;
                }
                 loggingUser.setPassword(PasswordService.getInstance().encrypt(request.getParameter("password")));
                boolean authenticateUser = persistUser.authenticateUser(loggingUser);
                if (!authenticateUser) {
                    session.setAttribute("loginmsg", "Username or Password is wrong");
                    response.sendRedirect("index.jsp");
                    return;
                }else{
                    loggingUser=persistUser.getUserByUsername(loggingUser.getUsername());
                    session.setAttribute("loggedinuser", loggingUser);
                    response.sendRedirect("welcome.jsp");
                    return;
                }
            }
            if (action.equals("logout")) {
                session.setAttribute("loginmsg", "User "+loggingUser.getUsername()+" logged out successfully");
                response.sendRedirect("index.jsp");
                session.setAttribute("loggedinuser", null);
                return;
            }

        } finally {
            out.close();
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
